Bump miniflare and wrangler

[dependabot]

Bumps miniflare and wrangler. These dependencies needed to be updated together.
Updates miniflare from 3.20230904.0 to 3.20231030.4

Release notes

Sourced from miniflare's releases.

[email protected]

Patch Changes

• #4448 eb08e2dc Thanks @​mrbbot! - fix: include request url and headers in pretty error page

  This change ensures Miniflare's pretty error page includes the URL and headers of the incoming request, rather than Miniflare's internal request for the page.

[email protected]

Patch Changes

• #4466 71fb0b86 Thanks @​mrbbot! - fix: ensure unused KV and Cache blobs cleaned up

  When storing data in KV, Cache and R2, Miniflare uses both an SQL database and separate blob store. When writing a key/value pair, a blob is created for the new value and the old blob for the previous value (if any) is deleted. A few months ago, we introduced a change that prevented old blobs being deleted for KV and Cache. R2 was unaffected. This shouldn't have caused any problems, but could lead to persistence directories growing unnecessarily as they filled up with garbage blobs. This change ensures garbage blobs are deleted.

  Note existing garbage will not be cleaned up. If you'd like to do this, download this Node script (https://gist.github.com/mrbbot/68787e19dcde511bd99aa94997b39076). If you're using the default Wrangler persistence directory, run node gc.mjs kv .wrangler/state/v3/kv <namespace_id_1> <namespace_id_2> ... and node gc.mjs cache .wrangler/state/v3/cache default named:<cache_name_1> named:<cache_name_2> ... with each of your KV namespace IDs (not binding names) and named caches.

• #4550 63708a94 Thanks @​mrbbot! - fix: validate Host and Orgin headers where appropriate

  Host and Origin headers are now checked when connecting to the inspector and Miniflare's magic proxy. If these don't match what's expected, the request will fail.

[email protected]

Patch Changes

• #4505 1b348782 Thanks @​mrbbot! - fix: remove __STATIC_CONTENT_MANIFEST from module worker env

  When using Workers Sites with a module worker, the asset manifest must be imported from the __STATIC_CONTENT_MANIFEST virtual module. Miniflare provided this module, but also erroneously added __STATIC_CONTENT_MANIFEST to the env object too. Whilst this didn't break anything locally, it could cause users to develop Workers that ran locally, but not when deployed. This change ensures env doesn't contain __STATIC_CONTENT_MANIFEST.

[email protected]

Minor Changes

• #4348 be2b9cf5 Thanks @​mrbbot! - feat: add support for wrapped bindings

  This change adds a new wrappedBindings worker option for configuring workerd's wrapped bindings. These allow custom bindings to be written as JavaScript functions accepting an env parameter of "inner bindings" and returning the value to bind. For more details, refer to the API docs.

• #4341 d9908743 Thanks @​RamIdeas! - Added a handleRuntimeStdio which enables wrangler (or any other direct use of Miniflare) to handle the stdout and stderr streams from the workerd child process. By default, if this option is not provided, the previous behaviour is retained which splits the streams into lines and calls console.log/console.error.

[email protected]

Minor Changes

• #4324 16cc2e92 Thanks @​penalosa! - Update to latest [email protected]

• #4322 8a25b7fb Thanks @​dario-piotrowicz! - add unsafeEvalBinding option

... (truncated)

Changelog

Sourced from miniflare's changelog.

3.20231030.4

Patch Changes

• #4448 eb08e2dc Thanks @​mrbbot! - fix: include request url and headers in pretty error page

  This change ensures Miniflare's pretty error page includes the URL and headers of the incoming request, rather than Miniflare's internal request for the page.

3.20231030.3

Patch Changes

• #4466 71fb0b86 Thanks @​mrbbot! - fix: ensure unused KV and Cache blobs cleaned up

  When storing data in KV, Cache and R2, Miniflare uses both an SQL database and separate blob store. When writing a key/value pair, a blob is created for the new value and the old blob for the previous value (if any) is deleted. A few months ago, we introduced a change that prevented old blobs being deleted for KV and Cache. R2 was unaffected. This shouldn't have caused any problems, but could lead to persistence directories growing unnecessarily as they filled up with garbage blobs. This change ensures garbage blobs are deleted.

  Note existing garbage will not be cleaned up. If you'd like to do this, download this Node script (https://gist.github.com/mrbbot/68787e19dcde511bd99aa94997b39076). If you're using the default Wrangler persistence directory, run node gc.mjs kv .wrangler/state/v3/kv <namespace_id_1> <namespace_id_2> ... and node gc.mjs cache .wrangler/state/v3/cache default named:<cache_name_1> named:<cache_name_2> ... with each of your KV namespace IDs (not binding names) and named caches.

• #4550 63708a94 Thanks @​mrbbot! - fix: validate Host and Orgin headers where appropriate

  Host and Origin headers are now checked when connecting to the inspector and Miniflare's magic proxy. If these don't match what's expected, the request will fail.

3.20231030.2

Patch Changes

• #4505 1b348782 Thanks @​mrbbot! - fix: remove __STATIC_CONTENT_MANIFEST from module worker env

  When using Workers Sites with a module worker, the asset manifest must be imported from the __STATIC_CONTENT_MANIFEST virtual module. Miniflare provided this module, but also erroneously added __STATIC_CONTENT_MANIFEST to the env object too. Whilst this didn't break anything locally, it could cause users to develop Workers that ran locally, but not when deployed. This change ensures env doesn't contain __STATIC_CONTENT_MANIFEST.

3.20231030.1

Minor Changes

• #4348 be2b9cf5 Thanks @​mrbbot! - feat: add support for wrapped bindings

  This change adds a new wrappedBindings worker option for configuring workerd's wrapped bindings. These allow custom bindings to be written as JavaScript functions accepting an env parameter of "inner bindings" and returning the value to bind. For more details, refer to the API docs.

• #4341 d9908743 Thanks @​RamIdeas! - Added a handleRuntimeStdio which enables wrangler (or any other direct use of Miniflare) to handle the stdout and stderr streams from the workerd child process. By default, if this option is not provided, the previous behaviour is retained which splits the streams into lines and calls console.log/console.error.

3.20231030.0

Minor Changes

• #4324 16cc2e92 Thanks @​penalosa! - Update to latest [email protected]

... (truncated)

Commits

• 7506b24 Version Packages (#4559)
• eb08e2d fix: include request url and headers in pretty error page (#4448)
• 5e67ea1 Version Packages (#4536)
• 63708a9 fix: validate Host/Origin headers in magic proxy and `InspectorProxyWorke...
• 71fb0b8 fix: ensure unused KV and Cache blobs cleaned up (#4466)
• 97727de Version Packages (#4495)
• 311ffbd [wrangler] fix: change wrangler (pages) dev to listen on localhost by def...
• 1b34878 fix: remove __STATIC_CONTENT_MANIFEST from module worker env (#4505)
• f728503 Version Packages (#4463)
• be2b9cf feat: add support for wrapped bindings (#4348)
• Additional commits viewable in compare view

Updates wrangler from 3.8.0 to 3.22.1

Release notes

Sourced from wrangler's releases.

[email protected]

Patch Changes

• #4635 5bc2699d Thanks @​mrbbot! - fix: prevent zombie workerd processes

  Previously, running wrangler dev would leave behind "zombie" workerd processes. These processes prevented the same port being bound if wrangler dev was restarted and sometimes consumed lots of CPU time. This change ensures all workerd processes are killed when wrangler dev is shutdown.

  To clean-up existing zombie processes, run pkill -KILL workerd on macOS/Linux or taskkill /f /im workerd.exe on Windows.

[email protected]

Minor Changes

• #4632 a6a4e8a4 Thanks @​G4brym! - Deprecate constellation commands and add a warning when using the constellation binding

• #4130 e8a2a1d9 Thanks @​vkrasnov! - Added support for R2 Sippy incremental migration

• #4621 98dee932 Thanks @​rozenmd! - feat: add rows written/read in the last 24 hours to wrangler d1 info output

• #4426 c628de59 Thanks @​OilyLime! - Improve queues list displaying as table, update queues API types

[email protected]

Minor Changes

• #4423 a94ef570 Thanks @​mrbbot! - feat: apply source mapping to logged strings

  Previously, Wrangler would only apply source mapping to uncaught exceptions. This meant if you caught an exception and logged its stack trace, the call sites would reference built JavaScript files as opposed to source files. This change looks for stack traces in logged messages, and tries to source map them.

  Note source mapping is only applied when outputting logs. Error#stack does not return a source mapped stack trace. This means the actual runtime value of new Error().stack and the output from console.log(new Error().stack) may be different.

Patch Changes

• #4511 66394681 Thanks @​huw! - Add 'took recursive isolate lock' warning to workerd output exceptions

[email protected]

Minor Changes

• #4522 c10bf0fd Thanks @​G4brym! - Add support for Workers AI in local mode

• #4571 3314dbde Thanks @​penalosa! - feat: When Wrangler crashes, send an error report to Sentry to aid in debugging.

  When Wrangler's top-level exception handler catches an error thrown from Wrangler's application, it will offer to report the error to Sentry. This requires opt-in from the user every time.

Patch Changes

• #4577 4c85fe99 Thanks @​dario-piotrowicz! - During the R2 validation, show MAX_UPLOAD_SIZE errors using MiB (consistently with the Cloudflare docs)

... (truncated)

Changelog

Sourced from wrangler's changelog.

3.22.1

Patch Changes

• #4635 5bc2699d Thanks @​mrbbot! - fix: prevent zombie workerd processes

  Previously, running wrangler dev would leave behind "zombie" workerd processes. These processes prevented the same port being bound if wrangler dev was restarted and sometimes consumed lots of CPU time. This change ensures all workerd processes are killed when wrangler dev is shutdown.

  To clean-up existing zombie processes, run pkill -KILL workerd on macOS/Linux or taskkill /f /im workerd.exe on Windows.

3.22.0

Minor Changes

• #4632 a6a4e8a4 Thanks @​G4brym! - Deprecate constellation commands and add a warning when using the constellation binding

• #4130 e8a2a1d9 Thanks @​vkrasnov! - Added support for R2 Sippy incremental migration

• #4621 98dee932 Thanks @​rozenmd! - feat: add rows written/read in the last 24 hours to wrangler d1 info output

• #4426 c628de59 Thanks @​OilyLime! - Improve queues list displaying as table, update queues API types

3.21.0

Minor Changes

• #4423 a94ef570 Thanks @​mrbbot! - feat: apply source mapping to logged strings

  Previously, Wrangler would only apply source mapping to uncaught exceptions. This meant if you caught an exception and logged its stack trace, the call sites would reference built JavaScript files as opposed to source files. This change looks for stack traces in logged messages, and tries to source map them.

  Note source mapping is only applied when outputting logs. Error#stack does not return a source mapped stack trace. This means the actual runtime value of new Error().stack and the output from console.log(new Error().stack) may be different.

Patch Changes

• #4511 66394681 Thanks @​huw! - Add 'took recursive isolate lock' warning to workerd output exceptions

3.20.0

Minor Changes

• #4522 c10bf0fd Thanks @​G4brym! - Add support for Workers AI in local mode

• #4571 3314dbde Thanks @​penalosa! - feat: When Wrangler crashes, send an error report to Sentry to aid in debugging.

  When Wrangler's top-level exception handler catches an error thrown from Wrangler's application, it will offer to report the error to Sentry. This requires opt-in from the user every time.

Patch Changes

• #4577 4c85fe99 Thanks @​dario-piotrowicz! - During the R2 validation, show MAX_UPLOAD_SIZE errors using MiB (consistently with the Cloudflare docs)

... (truncated)

Commits

• 6d3d46a Version Packages (#4638)
• 5bc2699 fix: prevent zombie workerd processes (#4635)
• 35e8a5d Version Packages (#4620)
• a6a4e8a Deprecate constellation commands and add a warning when using the constellati...
• e8a2a1d R2: Add Sippy support (#4130)
• cd4f63a Add info about node:${module} syntax for nodejs_compat (#4485)
• c628de5 Improve listing of queues and update API types (#4426)
• 98dee93 [D1] add rows read/written to wrangler d1 info output (#4621)
• 912bfeb Version Packages (#4595)
• a94ef57 [wrangler] feat: source map logged strings (#4423)
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
  You can disable automated security fix PRs for this repo from the Security Alerts page.